“The Travelers Guide To Wi-Fi Hacking”

  • 0

“The Travelers Guide To Wi-Fi Hacking”

Dear Blast Reader,

Do you stay at hotels when you travel? Do you ever use the hotel internet? Did you know that there may be someone spying on you while you are in your hotel? Did you know that hackers target hotel Wi-fi? Did you know that the hackers that target hotel wi-fi also target traveling business professionals?


Hotel wi-fi is targeted and compromised to assist in the delivering of the malicious payload to the selected victims. A ­payload is the part of the malware that performs the malicious action. Those behind the attack continually evolve the malware’s tactics and payload. It is believed that the attackers are exploiting the vulnerabilities in the server software, either by:

  • Gaining remote access.
  • Physically gaining access to the hotel and the hotel’s servers.


Now, attackers are using a new form of malware known as the “Inexsmar Attack”. This attack starts with a phishing email.  To make the email look real, the message is tailored to you. This email address you by name, and has real looking documents attached.


But, looks can be deceiving. Within this email there is a self-extracting archive package. This is a package that begins the trojan downloader process. A trojan downloader process is a malicious program, usually installed through an exploit or some other deceptive means. Using email attachments the malware is installed onto your computer. Once you are convinced to open the attachment, hackers will then initiate their malware attack.


How does the malware go un-detected?

To prevent being detected, the malware is downloaded in stages. These stages include:

  1. Hiding malicious codes and strings by linking malicious code to otherwise unrelated code.
  2. The malware then runs an operation to download the second part of the payload, the trojan malware.


So, as your defences improve, it is believed that the multi-stage download for the trojan malware is an evolutionary way to keep the trojan viable.

So, how do you protect yourself?

To protect yourself against this new form of advanced and evolutionary trojan malware, here are a few tips:

  1. Use public wi-fi as little as possible. Hackers exploit public wi-fi in places like coffee shops, restaurants, and hotels.
  2. Use a Virtual Private Network, also known as a VPN. VPNs are encrypted web browsers that hide your IP addresses & your location.


If you have any questions about Hacking, Malware, Cyber Security, or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit out website at www.FDS.Global.

  • 0

“A Travelers Guide To Protecting Your Data”

Dear Blast Readers,


When you hear the word “summer”, what is the first thing you think of? Vacation? Travel? Did you know that most people wont leave home without their smartphones, tablets, and/or computers? Have you ever wondered how traveling can compromise your digital security?


People tend to think of vacations as a time to get away and un-plug from the world, both the digital world and physical world. But, it is not realistic to believe that you will NEVER go online while traveling. Yes, it is fun to post pictures and status updates on your social media accounts in real time. But, did you know that by doing so, there is a possibility you are opening yourself, and your digital devices, to cyber criminals?


When traveling, public Wi-Fi might seem like a great thing. It allows you to check your email, work, and post updates to your social media accounts. But, as convent as it is, connecting to public Wi-Fi can also be dangerous. Cyber Criminals can take over public networks, and logging onto a corrupted network allows cyber criminals access to your:

  • Personal details
  • Credit card numbers
  • Passwords


The data that you, as a traveler, bring wherever you go is valuable and desired. It is important that while traveling you do everything in your power to keep your digital information safely out of the reach of cyber criminals.


How? Here are a few tips.

  • Only Use Secure Wi-Fi Networks. When connecting to a public network, consider using a Virtual Private Network, or VPN. This will ensure that your confidential information stays private. A VPN will also ensure that your data goes directly from your device to the network that you are connecting to.
  • Update Your Devices. Updating the software on your devices, as well as the applications updates, is important. Even though the constant update reminder can be annoying, it is your devices way of protecting you and your data.
  • Do Not Use Public Computers. Never use public computers when logging into to banking, email and social media accounts. This means computers in hotel business centers, as well as in-room iPads. Crooks can install keylogging software to track your keystrokes.
  • Secure Your Mobile Devices. Set a PIN for your devices. Setting a PIN can protect your device from unauthorized users.
  • Use Cash Whenever Possible. Using cash whenever possible while traveling keeps your credit/debit card safe from fraudsters. But, if you are to use your credit/debit cards, be cautious.
  • Backup all your devices. Before going on your trip, whether it is for business or vacation, it is a good idea to back up your mobile devices. This allows you to be able to retrieve your information if lost, in case of emergency, or stolen.
  • Critical information should be stored in a different location. When traveling, it is a good idea to store any critical and private information temporarily in a different location. Examples of different locations are: Flash Drives, Mobile Devices, or Cloud Storage.
  • Make sure your computer’s firewall is enabled. Enabling your computer’s firewall helps stop hackers from getting into your system, as well as keeping viruses from spreading and safeguards outgoing computer traffic.


If you have any questions about Digital Security, Hacking, Cyber Security, Computer Forensics, or Mobile Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

  • 0

“Your Medical Records Are Next

Dear Blast Readers,


Have you ever worried about your credit/debit card information being stolen by hackers? Did you ever think that by visiting your doctor’s office your identity could be stolen? Did you know that, when it comes to protecting customer information, the healthcare system is behind the financial sector by about 10 years?


As more hospitals, doctor’s offices, and healthcare facilities go from paper records to digital records more hacking issues are expected. More personal information can be accessed by hackers because more is accessible online.


One of the challenges of protecting patient data is that the data is stored digitally. By storing patient information digitally, all devices that have access to this information have access to the internet. With internet access, these devices and the information they have access to can be breached by hackers. Also, data breaches can potentially occur when the patient data is being transmitted over the internet to the cloud. Many hospitals and doctor’s offices utilize cloud servers to store patient data without the patient’s knowledge. Hackers can exploit a vulnerability on the devices, with access to the cloud, compromising millions of patient files.


What makes health records so valuable to cyber criminals is the personal nature and its shelf life. Health records contain information such as:

  • Policy Numbers
  • Medical History
  • Billing Information
  • Social Security Numbers


Even though some patient data, such as Credit/Debit card information, can be shut down when fraudulent activity is detected. Other data cannot be changed that easily, such as Social Security numbers. So, it is important to protect that information so data breaches do not occur.


How can Doctor’s offices, hospitals and healthcare facilities protect patient data?

There are multiple ways that patient data can be protected. Some ways include:

  • Encryption Platforms. Encrypting data makes sure that all data that is being exchanged is done so safely.
  • Back-up patient records. By backing-up patient records this gives hackers less motivation to go after those organizations and their records. All back-ups should be kept in a secure environment.
  • Employ biometric authentication. This helps control and limit access to labs and records to only authorized personnel.
  • Device Management. Device management protects devices in case of theft.


If you have any questions about Hacking, Data Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

  • 0

“Life’s A Breach”

Dear Blast Readers,


Does your company use third-party vendors? Do those vendors make data security a priority? Does your company allow third-party vendors to access your companies network?


Third-party vendors are companies that offer services that the primary company can not support. It is considered a business necessity with most companies to outsource data management, activity processing, and storage to third-party vendors. But, did you know putting your company’s data into the hands of third-party vendors puts your data at risk of being breached?


It is common for hackers to try and use third-party vendors to gain access to a business’s data. Yes, businesses may have their own cyber security protocols in place, but access must be given to third-party vendors. When access to a business’s network spans out to a third-party, this is when possible network security vulnerabilities are created.


All businesses are responsible for the data that they collect, transmit, use and process, and they are still responsible for that data even when the data is entrusted to a third party.


If a third-party vendor gets hacked the consequences for your business varies, depending on the seriousness of the hack. A less serious hack can cause your business to lose vital data, and confidential employee information can be compromised. If the hack is a serious hack there are a few things that can happen, ranging from intense media attention to bankruptcy.


Outsourced contractors are often the primary targets of data breaches. So, it is important for the third-party vendors to takes data security seriously. But, how can you be sure if a third-party vendor is a security-conscious vendor? Some signs that a third-party vendor is security-conscious are:

  • The vendors have comprehensive security policies & disaster recovery plans in place and are updated and reviewed regularly.
  • Data Back-ups and recoveries are performed regularly. In case of hardware failure, the vendor has back-up servers to avoid interruptions.
  • Internal security audits are performed regularly.
  • Employees that have access to company data are vetted carefully (thorough background checks are performed).


But, as important as it is to make sure that the third-party vendors take data security seriously. It is also just as important to make sure that the data is secure on your end. To do that it is important to:

  • Have a strong internal security policy.
  • Know what data is sensitive & where it is located on your system. Never give one person access to more than one portion of your sensitive data.
  • Know your responsibilities and rights, as well at know those of your providers.


Another important aspect of a data breach is the reporting requirements. Reporting requirements differ depending upon the state in which the breach occurs. Additionally, if a breach involves information of clients across state or country lines, other reporting requirements will come into effect. It is vital to know your state’s cyber security breach reporting requirements.


If you have any questions about Data Breaches, Cyber Security, Computer Forensics, or Reporting requirements contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.